From f0e21906153d8a190b48a70de80b8fe9773e7b3f Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sun, 18 May 2025 22:47:48 +0000 Subject: [PATCH 01/10] dependabot-cli: 1.63.0 -> 1.64.0 (cherry picked from commit 4a70e9546ee0899a26d62f7c8f18592efa3c9037) --- pkgs/by-name/de/dependabot-cli/package.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/by-name/de/dependabot-cli/package.nix b/pkgs/by-name/de/dependabot-cli/package.nix index 240b096997e7..a2ec545a7e32 100644 --- a/pkgs/by-name/de/dependabot-cli/package.nix +++ b/pkgs/by-name/de/dependabot-cli/package.nix @@ -11,7 +11,7 @@ }: let pname = "dependabot-cli"; - version = "1.63.0"; + version = "1.64.0"; # vv Also update this vv tag = "nixpkgs-dependabot-cli-${version}"; @@ -47,7 +47,7 @@ buildGoModule { owner = "dependabot"; repo = "cli"; rev = "v${version}"; - hash = "sha256-lk0AEFQYemr4wP7JXx5mPzzo2VzSJvygPP5vtUvPaxs="; + hash = "sha256-NcmDYCXdhMY1KFz3if0XlX4EisQFr0YhJItllXnOfaA="; }; vendorHash = "sha256-pnB1SkuEGm0KfkDfjnoff5fZRsAgD5w2H4UwsD3Jlbo="; From 970330e6524d95f758f9d19422c5b10a561af692 Mon Sep 17 00:00:00 2001 From: Victor Engmark Date: Mon, 19 May 2025 18:09:33 +0200 Subject: [PATCH 02/10] dependabot-cli: Remove myself as maintainer (cherry picked from commit 16c819bb917c13c005e08543acae7084e6bf6fbb) --- pkgs/by-name/de/dependabot-cli/package.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/pkgs/by-name/de/dependabot-cli/package.nix b/pkgs/by-name/de/dependabot-cli/package.nix index a2ec545a7e32..4d04b29dd1b2 100644 --- a/pkgs/by-name/de/dependabot-cli/package.nix +++ b/pkgs/by-name/de/dependabot-cli/package.nix @@ -106,7 +106,6 @@ buildGoModule { homepage = "https://github.com/dependabot/cli"; license = licenses.mit; maintainers = with maintainers; [ - l0b0 infinisil ]; }; From 3a5f633f0ac690c7e2557ab8844fa324f51c4fcc Mon Sep 17 00:00:00 2001 From: Philip Taron Date: Mon, 26 May 2025 12:43:52 -0700 Subject: [PATCH 03/10] dependabot-cli: add update script which updates the withDockerImages variant (cherry picked from commit aa5bdb87470b2a1e4b62845123f024e1fe55a2bd) --- pkgs/by-name/de/dependabot-cli/package.nix | 2 + pkgs/by-name/de/dependabot-cli/update.sh | 48 ++++++++++++++++++++++ 2 files changed, 50 insertions(+) create mode 100755 pkgs/by-name/de/dependabot-cli/update.sh diff --git a/pkgs/by-name/de/dependabot-cli/package.nix b/pkgs/by-name/de/dependabot-cli/package.nix index 4d04b29dd1b2..f7d225bd8004 100644 --- a/pkgs/by-name/de/dependabot-cli/package.nix +++ b/pkgs/by-name/de/dependabot-cli/package.nix @@ -79,6 +79,8 @@ buildGoModule { $out/bin/dependabot --help ''; + passthru.updateScript = ./update.sh; + passthru.withDockerImages = symlinkJoin { name = "dependabot-cli-with-docker-images"; paths = [ dependabot-cli ]; diff --git a/pkgs/by-name/de/dependabot-cli/update.sh b/pkgs/by-name/de/dependabot-cli/update.sh new file mode 100755 index 000000000000..a01d0accfa32 --- /dev/null +++ b/pkgs/by-name/de/dependabot-cli/update.sh @@ -0,0 +1,48 @@ +#!/usr/bin/env nix-shell +#!nix-shell -i bash -p curl gnugrep gnused jq gh nix-prefetch-docker nix gitMinimal + +set -x -eu -o pipefail + +cd $(dirname "${BASH_SOURCE[0]}") + +NIXPKGS_PATH="$(git rev-parse --show-toplevel)" + +temp_dir=$(mktemp -d) +trap 'rm -rf "$temp_dir"' EXIT + +gh api repos/dependabot/cli/releases/latest > "$temp_dir/latest.json" + +VERSION="$(jq -r .tag_name "$temp_dir/latest.json" | sed 's/^v//')" +OLD_VERSION="$(grep -m1 'version = "' ./package.nix | cut -d'"' -f2)" + +if [ "$OLD_VERSION" = "$VERSION" ]; then + echo "dependabot is already up-to-date at $OLD_VERSION" + exit 0 +fi + +SHA256="$(nix-prefetch-url --quiet --unpack https://github.com/dependabot/cli/archive/refs/tags/v${VERSION}.tar.gz)" +HASH="$(nix hash convert --hash-algo sha256 --to sri "$SHA256")" + +nix-prefetch-docker --json --quiet --final-image-name dependabot-update-job-proxy --final-image-tag "nixpkgs-dependabot-cli-$VERSION" ghcr.io/github/dependabot-update-job-proxy/dependabot-update-job-proxy latest > "$temp_dir/dependabot-update-job-proxy.json" + +nix-prefetch-docker --json --quiet --final-image-name dependabot-updater-github-actions --final-image-tag "nixpkgs-dependabot-cli-$VERSION" ghcr.io/dependabot/dependabot-updater-github-actions latest > "$temp_dir/dependabot-updater-github-actions.json" + +setKV () { + sed -i "s,$1 = \"[^v].*\",$1 = \"${2:-}\"," ./package.nix +} + +setKV version "${VERSION}" +setKV hash "${HASH}" +setKV updateJobProxy.imageDigest "$(jq -r .imageDigest "$temp_dir/dependabot-update-job-proxy.json")" +setKV updateJobProxy.hash "$(jq -r .hash "$temp_dir/dependabot-update-job-proxy.json")" +setKV updaterGitHubActions.imageDigest "$(jq -r .imageDigest "$temp_dir/dependabot-updater-github-actions.json")" +setKV updaterGitHubActions.hash "$(jq -r .hash "$temp_dir/dependabot-updater-github-actions.json")" + +# We need to figure out the vendorHash for this new version, so we initially set it to `lib.fakeHash` +FAKE_HASH="sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" +setKV vendorHash "$FAKE_HASH" + +set +e +VENDOR_HASH="$(nix-build --no-out-link --log-format internal-json -A dependabot-cli "$NIXPKGS_PATH" 2>&1 >/dev/null | grep "$FAKE_HASH" | grep -o "sha256-[^\\]*" | tail -1)" +set -e +setKV vendorHash "$VENDOR_HASH" From 34a6d20202eed663df3d50e6991800edf9ba2416 Mon Sep 17 00:00:00 2001 From: Philip Taron Date: Mon, 26 May 2025 12:44:17 -0700 Subject: [PATCH 04/10] dependabot-cli: 1.64.0 -> 1.65.0 This was performed by the script after re-shaping the derivation a little. (cherry picked from commit 955d607a334bf5b97f0bcb7601546e03c9a4c0ec) --- pkgs/by-name/de/dependabot-cli/package.nix | 68 +++++++++++----------- 1 file changed, 35 insertions(+), 33 deletions(-) diff --git a/pkgs/by-name/de/dependabot-cli/package.nix b/pkgs/by-name/de/dependabot-cli/package.nix index f7d225bd8004..04b67bf130d1 100644 --- a/pkgs/by-name/de/dependabot-cli/package.nix +++ b/pkgs/by-name/de/dependabot-cli/package.nix @@ -11,34 +11,20 @@ }: let pname = "dependabot-cli"; - version = "1.64.0"; + version = "1.65.0"; - # vv Also update this vv + # `tag` is what `dependabot` uses to find the relevant docker images. tag = "nixpkgs-dependabot-cli-${version}"; - updateJobProxy = dockerTools.pullImage { - imageName = "ghcr.io/github/dependabot-update-job-proxy/dependabot-update-job-proxy"; - # Get these hashes from - # nix run nixpkgs#nix-prefetch-docker -- --image-name ghcr.io/github/dependabot-update-job-proxy/dependabot-update-job-proxy --image-tag latest --final-image-name dependabot-update-job-proxy --final-image-tag ${tag} - imageDigest = "sha256:3030ba5ff8f556e47016fca94d81c677b5c6abde99fef228341e1537588e503a"; - hash = "sha256-RiXUae5ONScoDu85L6BEf3T4JodBYha6v+d9kWl8oWc="; + # Get these hashes from + # nix run nixpkgs#nix-prefetch-docker -- --image-name ghcr.io/github/dependabot-update-job-proxy/dependabot-update-job-proxy --image-tag latest --final-image-name dependabot-update-job-proxy --final-image-tag ${tag} + updateJobProxy.imageDigest = "sha256:ef245bd38aaa3cf89cafcffe0630d3ad3cff840488a2051a48517454e7f42368"; + updateJobProxy.hash = "sha256-yndoGLpyV2MiIs0QXbF/W0xJ6jtmnw/ezL54VM80/CI="; - # Don't update this, it's used to refer to the imported image later - finalImageName = "dependabot-update-job-proxy"; - finalImageTag = tag; - }; - - updaterGitHubActions = dockerTools.pullImage { - imageName = "ghcr.io/dependabot/dependabot-updater-github-actions"; - # Get these hashes from - # nix run nixpkgs#nix-prefetch-docker -- --image-name ghcr.io/dependabot/dependabot-updater-github-actions --image-tag latest --final-image-name dependabot-updater-github-actions --final-image-tag ${tag} - imageDigest = "sha256:a356576adbec11bc34b142b6ef69a5856a09dc3654bdc9f9b046c08ee2d73ff8"; - hash = "sha256-zqydb2v39xiSBT5ayWEacD0NIH6LoFX8lkRcCKppH08="; - - # Don't update this, it's used to refer to the imported image later - finalImageName = "dependabot-updater-github-actions"; - finalImageTag = tag; - }; + # Get these hashes from + # nix run nixpkgs#nix-prefetch-docker -- --image-name ghcr.io/dependabot/dependabot-updater-github-actions --image-tag latest --final-image-name dependabot-updater-github-actions --final-image-tag ${tag} + updaterGitHubActions.imageDigest = "sha256:adeaa00b4ae49e942adccec76d4487a393eebd0dec27cd75a3cdf6cc46d801d7"; + updaterGitHubActions.hash = "sha256-ni9rSEpeo0gIdYy2CIIpnIWg0kttoTnvRwbZ71QwmIg="; in buildGoModule { inherit pname version; @@ -47,7 +33,7 @@ buildGoModule { owner = "dependabot"; repo = "cli"; rev = "v${version}"; - hash = "sha256-NcmDYCXdhMY1KFz3if0XlX4EisQFr0YhJItllXnOfaA="; + hash = "sha256-A7CPn0YDeyr+d1OUde2TGfSt3eCfrK4k3S7NWsvCGx0="; }; vendorHash = "sha256-pnB1SkuEGm0KfkDfjnoff5fZRsAgD5w2H4UwsD3Jlbo="; @@ -85,14 +71,30 @@ buildGoModule { name = "dependabot-cli-with-docker-images"; paths = [ dependabot-cli ]; buildInputs = [ makeWrapper ]; - postBuild = '' - # Create a wrapper that pins the docker images that are depended upon - wrapProgram $out/bin/dependabot \ - --run "docker load --input ${updateJobProxy} >&2" \ - --add-flags "--proxy-image=dependabot-update-job-proxy:${tag}" \ - --run "docker load --input ${updaterGitHubActions} >&2" \ - --add-flags "--updater-image=dependabot-updater-github-actions:${tag}" - ''; + postBuild = + let + updateJobProxyImage = dockerTools.pullImage { + imageName = "ghcr.io/github/dependabot-update-job-proxy/dependabot-update-job-proxy"; + finalImageName = "dependabot-update-job-proxy"; + finalImageTag = tag; + inherit (updateJobProxy) imageDigest hash; + }; + + updaterGitHubActionsImage = dockerTools.pullImage { + imageName = "ghcr.io/dependabot/dependabot-updater-github-actions"; + finalImageName = "dependabot-updater-github-actions"; + finalImageTag = tag; + inherit (updaterGitHubActions) imageDigest hash; + }; + in + '' + # Create a wrapper that pins the docker images that `dependabot` uses. + wrapProgram $out/bin/dependabot \ + --run "docker load --input ${updateJobProxyImage} >&2" \ + --add-flags "--proxy-image=dependabot-update-job-proxy:${tag}" \ + --run "docker load --input ${updaterGitHubActionsImage} >&2" \ + --add-flags "--updater-image=dependabot-updater-github-actions:${tag}" + ''; }; passthru.tests.version = testers.testVersion { From 25b0ec83bf7df03d44e18146808d9a97aedf56cf Mon Sep 17 00:00:00 2001 From: Philip Taron Date: Mon, 26 May 2025 12:47:59 -0700 Subject: [PATCH 05/10] dependabot-cli: only run dependabot in order to get completions if supported (cherry picked from commit b80cf33ab1cee28beb47d1d53d318777072d44d4) --- pkgs/by-name/de/dependabot-cli/package.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/pkgs/by-name/de/dependabot-cli/package.nix b/pkgs/by-name/de/dependabot-cli/package.nix index 04b67bf130d1..ccc11ad6b414 100644 --- a/pkgs/by-name/de/dependabot-cli/package.nix +++ b/pkgs/by-name/de/dependabot-cli/package.nix @@ -1,10 +1,11 @@ { + lib, + stdenv, buildGoModule, dependabot-cli, dockerTools, fetchFromGitHub, installShellFiles, - lib, makeWrapper, symlinkJoin, testers, @@ -49,7 +50,7 @@ buildGoModule { installShellFiles ]; - postInstall = '' + postInstall = lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform) '' installShellCompletion --cmd dependabot \ --bash <($out/bin/dependabot completion bash) \ --fish <($out/bin/dependabot completion fish) \ From d954ff07e95c2cece4b167cc89f6ceeaed56fe68 Mon Sep 17 00:00:00 2001 From: Philip Taron Date: Mon, 26 May 2025 12:49:35 -0700 Subject: [PATCH 06/10] dependabot-cli: add philiptaron as a maintainer I'll do it as part of keeping nixpkgs-vet up to date. (cherry picked from commit 28a03525e3a38699080476983d9d8e4b1610bc3d) --- pkgs/by-name/de/dependabot-cli/package.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pkgs/by-name/de/dependabot-cli/package.nix b/pkgs/by-name/de/dependabot-cli/package.nix index ccc11ad6b414..ccce75d5721c 100644 --- a/pkgs/by-name/de/dependabot-cli/package.nix +++ b/pkgs/by-name/de/dependabot-cli/package.nix @@ -104,14 +104,15 @@ buildGoModule { version = "v${version}"; }; - meta = with lib; { + meta = { changelog = "https://github.com/dependabot/cli/releases/tag/v${version}"; description = "Tool for testing and debugging Dependabot update jobs"; mainProgram = "dependabot"; homepage = "https://github.com/dependabot/cli"; - license = licenses.mit; - maintainers = with maintainers; [ + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ infinisil + philiptaron ]; }; } From dbb743cb0a1ee302b7651499228df39a5c0045ee Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sun, 8 Jun 2025 21:50:04 +0000 Subject: [PATCH 07/10] dependabot-cli: 1.65.0 -> 1.66.0 (cherry picked from commit 0aa93417d819f5bfa6e1600b47aea5c516b2103b) --- pkgs/by-name/de/dependabot-cli/package.nix | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/pkgs/by-name/de/dependabot-cli/package.nix b/pkgs/by-name/de/dependabot-cli/package.nix index ccce75d5721c..fef777d03e45 100644 --- a/pkgs/by-name/de/dependabot-cli/package.nix +++ b/pkgs/by-name/de/dependabot-cli/package.nix @@ -12,20 +12,20 @@ }: let pname = "dependabot-cli"; - version = "1.65.0"; + version = "1.66.0"; # `tag` is what `dependabot` uses to find the relevant docker images. tag = "nixpkgs-dependabot-cli-${version}"; # Get these hashes from # nix run nixpkgs#nix-prefetch-docker -- --image-name ghcr.io/github/dependabot-update-job-proxy/dependabot-update-job-proxy --image-tag latest --final-image-name dependabot-update-job-proxy --final-image-tag ${tag} - updateJobProxy.imageDigest = "sha256:ef245bd38aaa3cf89cafcffe0630d3ad3cff840488a2051a48517454e7f42368"; - updateJobProxy.hash = "sha256-yndoGLpyV2MiIs0QXbF/W0xJ6jtmnw/ezL54VM80/CI="; + updateJobProxy.imageDigest = "sha256:0b0d8c67cad11fa0885fcc3fe0add06638c29c19f05a83f80077d5dbb70c2037"; + updateJobProxy.hash = "sha256-7O/1NYdhtmO+MAwfu8BSaJQ1RVkXrFPBpfRy0N7p1lQ="; # Get these hashes from # nix run nixpkgs#nix-prefetch-docker -- --image-name ghcr.io/dependabot/dependabot-updater-github-actions --image-tag latest --final-image-name dependabot-updater-github-actions --final-image-tag ${tag} - updaterGitHubActions.imageDigest = "sha256:adeaa00b4ae49e942adccec76d4487a393eebd0dec27cd75a3cdf6cc46d801d7"; - updaterGitHubActions.hash = "sha256-ni9rSEpeo0gIdYy2CIIpnIWg0kttoTnvRwbZ71QwmIg="; + updaterGitHubActions.imageDigest = "sha256:11de6594db1c23e7ed4a6b621e8584b4a3b34484d51f2f8aa850c21fbce9094f"; + updaterGitHubActions.hash = "sha256-cImOCW7tggBWEPlmE55b4OFMxf/+VGLoqx0tRualowo="; in buildGoModule { inherit pname version; @@ -34,10 +34,10 @@ buildGoModule { owner = "dependabot"; repo = "cli"; rev = "v${version}"; - hash = "sha256-A7CPn0YDeyr+d1OUde2TGfSt3eCfrK4k3S7NWsvCGx0="; + hash = "sha256-9VgcQgiNv1v6+jnaWK10yccC1ILSxiIj9ZCIhHY57jk="; }; - vendorHash = "sha256-pnB1SkuEGm0KfkDfjnoff5fZRsAgD5w2H4UwsD3Jlbo="; + vendorHash = "sha256-gENlo1EPzsML+HkDBg4a2VGTUhyKY8AhlpHVszYWBno="; ldflags = [ "-s" From a6b15da80f78d0d712c9c18ae4e98cf4a9b4d6de Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 27 Jun 2025 16:30:44 +0000 Subject: [PATCH 08/10] dependabot-cli: 1.66.0 -> 1.67.1 (cherry picked from commit 7ae32b9a83be8e32a7541103707a6278aa2b36ad) --- pkgs/by-name/de/dependabot-cli/package.nix | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/pkgs/by-name/de/dependabot-cli/package.nix b/pkgs/by-name/de/dependabot-cli/package.nix index fef777d03e45..693fb1178422 100644 --- a/pkgs/by-name/de/dependabot-cli/package.nix +++ b/pkgs/by-name/de/dependabot-cli/package.nix @@ -12,20 +12,20 @@ }: let pname = "dependabot-cli"; - version = "1.66.0"; + version = "1.67.1"; # `tag` is what `dependabot` uses to find the relevant docker images. tag = "nixpkgs-dependabot-cli-${version}"; # Get these hashes from # nix run nixpkgs#nix-prefetch-docker -- --image-name ghcr.io/github/dependabot-update-job-proxy/dependabot-update-job-proxy --image-tag latest --final-image-name dependabot-update-job-proxy --final-image-tag ${tag} - updateJobProxy.imageDigest = "sha256:0b0d8c67cad11fa0885fcc3fe0add06638c29c19f05a83f80077d5dbb70c2037"; - updateJobProxy.hash = "sha256-7O/1NYdhtmO+MAwfu8BSaJQ1RVkXrFPBpfRy0N7p1lQ="; + updateJobProxy.imageDigest = "sha256:0a7207bc265d7daaae61f2f105659d7c5947dc7e70395d6604cf114695d23578"; + updateJobProxy.hash = "sha256-tQFkP260Vl2j19vTk7kz6/UmbKVg0CtjLuZYe7wHKSA="; # Get these hashes from # nix run nixpkgs#nix-prefetch-docker -- --image-name ghcr.io/dependabot/dependabot-updater-github-actions --image-tag latest --final-image-name dependabot-updater-github-actions --final-image-tag ${tag} - updaterGitHubActions.imageDigest = "sha256:11de6594db1c23e7ed4a6b621e8584b4a3b34484d51f2f8aa850c21fbce9094f"; - updaterGitHubActions.hash = "sha256-cImOCW7tggBWEPlmE55b4OFMxf/+VGLoqx0tRualowo="; + updaterGitHubActions.imageDigest = "sha256:d0b91fa5fcfe306614f3c4307b4571cabe25405e06f3ce737a2b7b225530a71c"; + updaterGitHubActions.hash = "sha256-yisnwxqFOUUBSq0YPX0C89dNOYYJ/mfNFhyrQCV6yoc="; in buildGoModule { inherit pname version; @@ -34,10 +34,10 @@ buildGoModule { owner = "dependabot"; repo = "cli"; rev = "v${version}"; - hash = "sha256-9VgcQgiNv1v6+jnaWK10yccC1ILSxiIj9ZCIhHY57jk="; + hash = "sha256-K3ZHLauAtG1pSZsiLwWj9sMWL1epPILLUvc22/+oj+g="; }; - vendorHash = "sha256-gENlo1EPzsML+HkDBg4a2VGTUhyKY8AhlpHVszYWBno="; + vendorHash = "sha256-4737CHJCeq7qn8dGz3bYsauCLipKqItltpI5u6uBvuo="; ldflags = [ "-s" From 6e9d4942da830b78dd72f9bb968f69c9152bb69f Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 7 Jul 2025 10:42:22 +0000 Subject: [PATCH 09/10] dependabot-cli: 1.67.1 -> 1.68.0 (cherry picked from commit c36c268109316c03e5e0ed384fbc9306dafb63dd) --- pkgs/by-name/de/dependabot-cli/package.nix | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/pkgs/by-name/de/dependabot-cli/package.nix b/pkgs/by-name/de/dependabot-cli/package.nix index 693fb1178422..63dbcc94db1e 100644 --- a/pkgs/by-name/de/dependabot-cli/package.nix +++ b/pkgs/by-name/de/dependabot-cli/package.nix @@ -12,20 +12,20 @@ }: let pname = "dependabot-cli"; - version = "1.67.1"; + version = "1.68.0"; # `tag` is what `dependabot` uses to find the relevant docker images. tag = "nixpkgs-dependabot-cli-${version}"; # Get these hashes from # nix run nixpkgs#nix-prefetch-docker -- --image-name ghcr.io/github/dependabot-update-job-proxy/dependabot-update-job-proxy --image-tag latest --final-image-name dependabot-update-job-proxy --final-image-tag ${tag} - updateJobProxy.imageDigest = "sha256:0a7207bc265d7daaae61f2f105659d7c5947dc7e70395d6604cf114695d23578"; - updateJobProxy.hash = "sha256-tQFkP260Vl2j19vTk7kz6/UmbKVg0CtjLuZYe7wHKSA="; + updateJobProxy.imageDigest = "sha256:83834c9a112c3e29c4bc357e17ee057c32232f443bc295130b024077acbcca4e"; + updateJobProxy.hash = "sha256-ej6AEvnp7n8O6eArrVAJgXzeco/Rz+tXg7gVxo0OsW8="; # Get these hashes from # nix run nixpkgs#nix-prefetch-docker -- --image-name ghcr.io/dependabot/dependabot-updater-github-actions --image-tag latest --final-image-name dependabot-updater-github-actions --final-image-tag ${tag} - updaterGitHubActions.imageDigest = "sha256:d0b91fa5fcfe306614f3c4307b4571cabe25405e06f3ce737a2b7b225530a71c"; - updaterGitHubActions.hash = "sha256-yisnwxqFOUUBSq0YPX0C89dNOYYJ/mfNFhyrQCV6yoc="; + updaterGitHubActions.imageDigest = "sha256:90a65d2c98f8fc8ac1fd6291ea0be02a911818d4fa8ec788ceb1c9227fa844f4"; + updaterGitHubActions.hash = "sha256-uc/yetek6XHTWQb1+DJiOWEHS2nea+/jd/lJdpI6m7E="; in buildGoModule { inherit pname version; @@ -34,10 +34,10 @@ buildGoModule { owner = "dependabot"; repo = "cli"; rev = "v${version}"; - hash = "sha256-K3ZHLauAtG1pSZsiLwWj9sMWL1epPILLUvc22/+oj+g="; + hash = "sha256-Pd9Q5ipwcj7KQ+Nr7Tyga3xwGKLPFJIPc23fob0EQeA="; }; - vendorHash = "sha256-4737CHJCeq7qn8dGz3bYsauCLipKqItltpI5u6uBvuo="; + vendorHash = "sha256-vitkSAvc7TAXcqXQPbnIE0z4tYlSvdx072hzAB50O3I="; ldflags = [ "-s" From d1a6992b95e761c16e2c6dbbddd8720c814e40d8 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 19 Aug 2025 23:12:37 +0000 Subject: [PATCH 10/10] dependabot-cli: 1.68.0 -> 1.71.0 (cherry picked from commit 3ab6b3d198505d22ce3b9b2da6040ed38efb1109) --- pkgs/by-name/de/dependabot-cli/package.nix | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/pkgs/by-name/de/dependabot-cli/package.nix b/pkgs/by-name/de/dependabot-cli/package.nix index 63dbcc94db1e..9ba6982bebac 100644 --- a/pkgs/by-name/de/dependabot-cli/package.nix +++ b/pkgs/by-name/de/dependabot-cli/package.nix @@ -12,20 +12,20 @@ }: let pname = "dependabot-cli"; - version = "1.68.0"; + version = "1.71.0"; # `tag` is what `dependabot` uses to find the relevant docker images. tag = "nixpkgs-dependabot-cli-${version}"; # Get these hashes from # nix run nixpkgs#nix-prefetch-docker -- --image-name ghcr.io/github/dependabot-update-job-proxy/dependabot-update-job-proxy --image-tag latest --final-image-name dependabot-update-job-proxy --final-image-tag ${tag} - updateJobProxy.imageDigest = "sha256:83834c9a112c3e29c4bc357e17ee057c32232f443bc295130b024077acbcca4e"; - updateJobProxy.hash = "sha256-ej6AEvnp7n8O6eArrVAJgXzeco/Rz+tXg7gVxo0OsW8="; + updateJobProxy.imageDigest = "sha256:a42f9b9845929ae044b8cd51b5335195c33fd610405e558552408287c5295827"; + updateJobProxy.hash = "sha256-pEtwBoJ+wF2TdQCcCyigLg4NYqOp2oNCEB7oCJOkwYc="; # Get these hashes from # nix run nixpkgs#nix-prefetch-docker -- --image-name ghcr.io/dependabot/dependabot-updater-github-actions --image-tag latest --final-image-name dependabot-updater-github-actions --final-image-tag ${tag} - updaterGitHubActions.imageDigest = "sha256:90a65d2c98f8fc8ac1fd6291ea0be02a911818d4fa8ec788ceb1c9227fa844f4"; - updaterGitHubActions.hash = "sha256-uc/yetek6XHTWQb1+DJiOWEHS2nea+/jd/lJdpI6m7E="; + updaterGitHubActions.imageDigest = "sha256:ca93364b87b6a803d0005409cdb4c61d9c6d808dca33de47de14ef8c30811b51"; + updaterGitHubActions.hash = "sha256-TnV8IaBrGPpd06YYmvazGMlZTAVJIMCSWdOgi6hkpRE="; in buildGoModule { inherit pname version; @@ -34,10 +34,10 @@ buildGoModule { owner = "dependabot"; repo = "cli"; rev = "v${version}"; - hash = "sha256-Pd9Q5ipwcj7KQ+Nr7Tyga3xwGKLPFJIPc23fob0EQeA="; + hash = "sha256-RZNZ72FG4KQr52X0No6iXU4NMUQs7k000KYpw2Kuz5U="; }; - vendorHash = "sha256-vitkSAvc7TAXcqXQPbnIE0z4tYlSvdx072hzAB50O3I="; + vendorHash = "sha256-5zOMTe8Sa/nkIGtwm4FbAqv3/9Mg5Du2ixxF84VQbXE="; ldflags = [ "-s"